Cyber crime responses may get more aggressive
In October, President Obama signed Presidential Policy Directive 20, which establishes a strict set of standards to guide the operations of federal agencies in confronting cyber threats.
The Washington Post says that, "The new directive is the most extensive White House effort to date to wrestle with what constitutes an 'offensive' and a 'defensive' action in the rapidly evolving world of cyberwar and cyberterrorism, where an attack can be launched in milliseconds by unknown assailants utilizing a circuitous route. For the first time, the directive explicitly makes a distinction between network defense and cyber-operations to guide officials charged with making often-rapid decisions when confronted with threats."
That raises the prospect that we will likely see a more aggressive response, as the government might rely on military cyber operations to respond to various attacks. It's fair to say that people are growing more frustrated as the attacks on banks, infrastructure companies and government agencies grow more brazen. The view in Washington increasingly is that more forceful military approaches may be warranted. Some of this may seem a bit subtle.
"An example of a defensive cyber-operation that once would have been considered an offensive act, for instance, might include stopping a computer attack by severing the link between an overseas server and a targeted domestic computer."
In this era of APT, the stakes are getting higher, and everyone would be wise to be clear on what our options are in the wake of an attack.
- here's the article